文库文档
美文大全
工作总结
工作报告
工作计划
汇报体会
策划方案
材料资料
作文大全
论文大全
求职/简历
礼仪规范
文秘工作
公文资料
道德思想
党团/申请书
演讲稿
发言致辞
企事业工作
合同大全
主页 > 文库 > 综合文库 >

SUSE Linux主机操作系统安全加固操作规范V1.0

2019-03-16 12:01

SUSE Linux主机操作系统安全加固操作规范

SUSE Linux主机操作系统 安全加固操作规范 2013年6月

1

SUSE Linux主机操作系统安全加固操作规范

1 文档使用说明 ............................................................................................................................... 8

1.1 适用范围 ............................................................................................................................ 8 1.2 适用人员 ............................................................................................................................ 8 2 帐号 .............................................................................................................................................. 8

2.1 SUSE-ACCT-01-设置专用维护帐号 ................................................................................. 8

2.1.1 安全要求: ............................................................................................................. 8 2.1.2 通用策略: ............................................................................................................. 8 2.1.3 风险说明: ............................................................................................................. 8 2.1.4 操作方法: ............................................................................................................. 9 2.1.5 操作验证: ........................................................................................................... 10 2.2 SUSE-ACCT-02-锁定/删除无用帐号 .............................................................................. 10

2.2.1 安全要求: ........................................................................................................... 10 2.2.2 通用策略: ........................................................................................................... 10 2.2.3 风险说明: ........................................................................................................... 10 2.2.4 操作方法: ........................................................................................................... 10 2.2.5 操作验证: ........................................................................................................... 11 2.3 SUSE-ACCT-03-用户帐号分组 ....................................................................................... 11 2.3.1 要求内容: ........................................................................................................... 11 2.3.2 通用策略: ........................................................................................................... 11 2.3.3 风险说明: ........................................................................................................... 11 2.3.4 操作方法: ........................................................................................................... 11 2.3.5 操作验证: .............................................................................................................. 12

3 口令 ............................................................................................................................................ 12 3.1 SUSE-PWD-01-配置用户口令复杂度 ............................................................................ 12 3.1.1 安全要求: ........................................................................................................... 12 3.1.2 通用策略: ........................................................................................................... 12 3.1.3 风险说明: ........................................................................................................... 12 3.1.4 操作方法: ........................................................................................................... 13 3.1.5 操作验证: ........................................................................................................... 13 3.2 SUSE-PWD-02-配置用户口令期限 ................................................................................ 14

3.2.1 安全要求: ........................................................................................................... 14 3.2.2 通用策略: ........................................................................................................... 14 3.2.3 风险说明: ........................................................................................................... 14 3.2.4 操作方法: ........................................................................................................... 14 3.2.5 操作验证: ........................................................................................................... 15 3.3 SUSE-PWD-03-配置用户口令重复使用次数 ................................................................ 15

3.3.1 安全要求: ........................................................................................................... 15 3.3.2 通用策略: ........................................................................................................... 15 3.3.3 风险说明: ........................................................................................................... 15 3.3.4 操作方法: ........................................................................................................... 15 3.3.5 操作验证: ........................................................................................................... 16

2

SUSE Linux主机操作系统安全加固操作规范 3.4 SUSE-PWD-04-配置用户认证失败锁定策略 ................................................................ 16

3.4.1 安全要求: ........................................................................................................... 16 3.4.2 通用策略: ........................................................................................................... 16 3.4.3 风险说明: ........................................................................................................... 16 3.4.4 操作方法: ........................................................................................................... 17

4 服务 ............................................................................................................................................ 19

4.1 SUSE-SVC-01-查看开放系统服务端口 ......................................................................... 19

4.1.1 安全要求: ........................................................................................................... 19 4.1.2 通用策略: ........................................................................................................... 19 4.1.3 风险说明: ........................................................................................................... 19 4.1.4 操作方法: ........................................................................................................... 19 4.1.5 操作验证: ........................................................................................................... 19 4.2 SUSE-SVC-02-禁用无用inetd/xinetd服务 .................................................................... 20

4.2.1 安全要求: ........................................................................................................... 20 4.2.2 通用策略: ........................................................................................................... 20 4.2.3 风险说明: ........................................................................................................... 20 4.2.4 操作方法: ........................................................................................................... 20 4.2.5 操作验证: ........................................................................................................... 20 4.3 SUSE-SVC-03-配置NTP时间同步 ................................................................................ 21

4.3.1 安全要求: ........................................................................................................... 21 4.3.2 通用策略: ........................................................................................................... 21 4.3.3 风险说明: ........................................................................................................... 21 4.3.4 操作方法: ........................................................................................................... 21 4.3.5 操作验证: ........................................................................................................... 22 4.4 SUSE-SVC-04-停用NFS服务 ........................................................................................ 22

4.4.1 安全要求: ........................................................................................................... 22 4.4.2 通用策略: ........................................................................................................... 22 4.4.3 风险说明: ........................................................................................................... 22 4.4.4 操作方法: ........................................................................................................... 23 4.4.5 操作验证: ........................................................................................................... 24 4.5 SUSE-SVC-05-禁用无关启动服务 ................................................................................. 24

4.5.1 安全要求: ........................................................................................................... 24 4.5.2 通用策略: ........................................................................................................... 24 4.5.3 风险说明: ........................................................................................................... 25 4.5.4 操作方法: ........................................................................................................... 25 4.5.5 操作验证: ........................................................................................................... 25 4.6 SUSE-SVC-06-修改SNMP默认团体名 ........................................................................ 25

4.6.1 安全要求: ........................................................................................................... 25 4.6.2 通用策略: ........................................................................................................... 25 4.6.3 风险说明: ........................................................................................................... 26 4.6.4 操作方法: ........................................................................................................... 26 4.7 SUSE-AUTH-01-限制关键文件和目录访问权限 .......................................................... 27

4.7.1 安全要求: ........................................................................................................... 27 4.7.2 通用策略: ........................................................................................................... 27

3

SUSE Linux主机操作系统安全加固操作规范

4.7.3 风险说明: ........................................................................................................... 27 4.7.4 操作方法: ........................................................................................................... 27 4.7.5 操作验证: ........................................................................................................... 28 4.8 SUSE-AUTH-02-设置用户文件默认访问权限 .............................................................. 28

4.8.1 安全要求: ........................................................................................................... 28 4.8.2 通用策略: ........................................................................................................... 28 4.8.3 风险说明: ........................................................................................................... 28 4.8.4 操作方法: ........................................................................................................... 29 4.8.5 操作验证: ........................................................................................................... 29 4.9 SUSE-AUTH-03-设置EEPROM密码 ............................................................................ 29

4.9.1 安全要求: ........................................................................................................... 29 4.9.2 通用策略: ........................................................................................................... 29 4.9.3 风险说明: ........................................................................................................... 29 4.9.4 操作方法: ........................................................................................................... 30 4.9.5 操作验证: ........................................................................................................... 30 4.10 SUSE-AUTH-04-使用SSH代替TELNET远程登陆 .................................................. 30

4.10.1 安全要求: ......................................................................................................... 30 4.10.2 通用策略: ......................................................................................................... 30 4.10.3 风险说明: ......................................................................................................... 30 4.10.4 操作方法: ......................................................................................................... 30 4.10.5 操作验证: ......................................................................................................... 31 4.11 SUSE-AUTH-05-限制ROOT远程登录 ....................................................................... 31

4.11.1 安全要求: ......................................................................................................... 31 4.11.2 通用策略: ......................................................................................................... 31 4.11.3 风险说明: ......................................................................................................... 31 4.11.4 操作方法: ......................................................................................................... 31 4.11.5 操作验证: ......................................................................................................... 32 4.12 SEC-SUSE-AUTH-06-限制用户FTP登录 .................................................................. 33

4.12.1 安全要求: ......................................................................................................... 33 4.12.2 通用策略: ......................................................................................................... 33 4.12.3 风险说明: ......................................................................................................... 33 4.12.4 操作方法: ......................................................................................................... 33 4.12.5 操作验证: ......................................................................................................... 33 4.13 SUSE-AUTH-07-限制FTP用户登录后能访问的目录 ............................................... 34

4.13.1 安全要求: ......................................................................................................... 34 4.13.2 通用策略: ......................................................................................................... 34 4.13.3 风险说明: ......................................................................................................... 34 4.13.4 操作方法: ......................................................................................................... 34 4.13.5 操作验证: ......................................................................................................... 35 4.14 SUSE-AUTH-08-设置终端超时退出时间 .................................................................... 35

4.14.1 要求内容: ......................................................................................................... 35 4.14.2 通用策略: ......................................................................................................... 35 4.14.3 风险说明: ......................................................................................................... 35 4.14.4 操作方法: ......................................................................................................... 35

4

SUSE Linux主机操作系统安全加固操作规范

4.14.5 操作验证: ............................................................................................................ 36 4.15 SUSE-AUTH-09-设置图形界面超时退出时间 ............................................................ 36

4.15.1 要求内容: ......................................................................................................... 36 4.15.2 通用策略: ......................................................................................................... 36 4.15.3 风险说明: ......................................................................................................... 36 4.15.4 操作方法: ......................................................................................................... 36 4.15.5 操作验证: ............................................................................................................ 37 4.16 SUSE-AUTH-10-限制允许登录到设备的IP地址范围 ............................................... 37

4.16.1 安全要求: ......................................................................................................... 37 4.16.2 通用策略: ......................................................................................................... 37 4.16.3 风险说明: ......................................................................................................... 37 4.16.4 操作验证: ......................................................................................................... 38 4.17 SUSE-AUTH-11-设置FTP用户登录后对文件、目录的存取权限 ........................... 38

4.17.1 安全要求: ......................................................................................................... 38 4.17.2 通用策略: ......................................................................................................... 38 4.17.3 风险说明: ......................................................................................................... 38 4.17.4 操作方法: ......................................................................................................... 38 4.17.5 操作验证: ......................................................................................................... 39 4.18 SUSE-AUTH-12-取消所有文件“系统文件”属性 .................................................... 40

4.18.1 安全要求: ......................................................................................................... 40 4.18.2 通用策略: ......................................................................................................... 40 4.18.3 风险说明: ......................................................................................................... 40 4.18.4 操作方法: ......................................................................................................... 40 4.18.5 操作验证: ......................................................................................................... 40 4.19 SUSE-AUTH-13-禁止ctrl+alt+del ................................................................................ 41

4.19.1 安全要求: ......................................................................................................... 41 4.19.2 通用策略: ......................................................................................................... 41 4.19.3 风险说明: ......................................................................................................... 41 4.19.4 操作方法: ......................................................................................................... 41 4.19.5 操作验证: ......................................................................................................... 41 4.20 SUSE-LOG-01-记录用户登录信息 ............................................................................... 41

4.20.1 安全要求: ......................................................................................................... 41 4.20.2 通用策略: ......................................................................................................... 42 4.20.3 风险说明: ......................................................................................................... 42 4.20.4 操作验证: ......................................................................................................... 42 4.21 SUSE-LOG-02-开启系统记帐功能 ............................................................................... 42

4.21.1 安全要求: ......................................................................................................... 42 4.21.2 通用策略: ......................................................................................................... 42 4.21.3 风险说明: ......................................................................................................... 43 4.21.4 操作方法: ......................................................................................................... 43 4.21.5 操作验证: ......................................................................................................... 43 4.22 SUSE-LOG-03-记录系统安全事件 ............................................................................... 44

4.22.1 安全要求: ......................................................................................................... 44 4.22.2 通用策略: ......................................................................................................... 44

5


  • 共2页:
  • 上一页
  • 1
  • 2
  • 下一页
    • SUSE Linux主机操作系统安全加固操作规范V1.0.doc 将本文的Word文档下载到电脑 下载失败或者文档不完整,请联系客服人员解决!
    下载这篇word文档

    下一篇:《家,温馨的港湾》

    相关阅读
    本类排行
    × 注册会员免费下载(下载后可以自由复制和排版)

    马上注册会员

    注:下载文档有可能“只有目录或者内容不全”等情况,请下载之前注意辨别,如果您已付费且无法下载或内容有问题,请联系我们协助你处理。
    微信: QQ: